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CLAIMS 

What is claimed is: 

1 . A method of establishing permission to use information associated with a 
user, said method comprising: 

identifying the user in connection with an application, said application 
requesting to use selected information associated with the user according to a 
predefined policy; 

determining whether permission was previously granted for the application 
to use the selected information according to the policy; and 

notifying the user if a change has been made to the policy since the 
permission was previously granted for the application to use the selected information. 

2. The method of claim 1 , wherein notifying the user comprises providing a 
user interface to inform the user of the change to the policy since the permission was 
previously granted for the application to use the selected information. 

3. The method of claim 1 , further comprising requesting consent to the 
change via the user interface. 
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4. The method of claim 3, further comprising denying use of the selected 
information by the application until consent to the change is granted in response to the 
user interface. 

5. The method of claim 3, further comprising denying use of the selected 
information by the application if consent to the change is denied in response to the user 
interface. 

6. The method of claim 3, wherein the identified user is associated with a 
managed account and wherein requesting consent to the change comprises requesting 
consent to the change from a manager of the account. 

7. The method of claim 1 , further comprising defining a consent state 
associated with the user, said consent state directly corresponding to a version of the 
policy for which the user has granted permission to the application to use the selected 
information. 

8. The method of claim 7, further comprising maintaining a user profile 
associated with the user and storing the consent state in user profile. 

9. The method of claim 7, further comprising identifying which version of the 
policy is currently in use for the application and determining when the version of the 
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policy corresponding to the consent state is different from the version of the policy 
currently in use for the application. 

10. The method of claim 9, wherein notifying the user of the change to the 
policy is responsive to determining when the version of the policy corresponding to the 
consent state is different from the version of the policy currently in use for the 
application. 

1 1 . The method of claim 7, wherein identifying the user comprises receiving 
login information from the user and authenticating the user based on the received login 
information. 

12. The method of claim 10, wherein authenticating the user comprises 
associating a unique identifier with the user. 

13. The method of claim 12, further comprising associating the unique 
identifier for the user to the consent state associated with the user. 

14. The method of claim 1 , further comprising storing information 
representative of which version of the policy is current. 

1 5. The method of claim 1 , further comprising storing content of the change to 
the policy relative to a version of the policy. 
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16. The method of claim 1 , further comprising maintaining a notification store 
containing information representative of one or more of the following: a grace period for 
granting consent to the change to the policy; content of the change to the policy relative 
to a version of the policy; and a current version number of the policy. 

17. The method of claim 1 , wherein the application comprises a web service 
provided to the user via a client by one or more network servers, said client and network 
servers being coupled to a data communication network. 

1 8. The method of claim 1 7, further comprising managing use of the selected 
information as a function of whether the user has a relationship with another web 
service. 

19. The method of claim 17, further comprising storing, in a central database, 
a user profile containing the information associated with the user, said central database 
being associated with a central server coupled to the data communication network. 

20. The method of claim 1 7, wherein the client operates a browser configured 
to permit the user to communicate on the data communication network, and wherein 
notifying the user comprises providing a user interface via the browser to inform the 
user of the change to the policy and to request re-consent. 
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21 . The method of claim 1 7 wherein the network servers are web servers and 
the data communication network is the Internet. 

22. One or more computer-readable media have computer-executable 
instructions for performing the method of claim 1 . 

23. A method of managing consent between a client and at least one network 
server, said client and said network server being coupled to a data communication 
network, said network server providing one or more services to a user via the client, 
said client operating a browser configured to permit the user to communicate on the 
data communication network, said method comprising: 

identifying the user in connection with the network server, said network 
server requesting to use selected information associated with the user according to a 
predefined policy; 

defining a consent state associated with the identified user, said consent 
state directly corresponding to a version of the policy for which permission has been 
granted for the network server to use the selected information; 

identifying which version of the policy is currently in use for the network 

server; and 

providing a user interface via the browser to notify the user when the 
version of the policy corresponding to the consent state is different from the version of 
the policy currently in use for the network server. 
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24. The method of claim 23, wherein the user interface is provided by a 
central server also coupled to the data communication network. 

25. The method of claim 23, further comprising notifying the user of one or 
more differences between the version of the policy corresponding to the consent state 
and the version of the policy currently in use for the network server. 

26. The method of claim 23, further comprising requesting consent to the 
version of the policy currently in use for the network server via the user interface. 

27. The method of claim 26, further comprising denying use of the selected 
information by the network server until the consent is granted in response to the user 
interface. 

28. The method of claim 26, further comprising denying use of the selected 
information by the network server if the consent is denied in response to the user 
interface. 

29. The method of claim 26, wherein the identified user is associated with a 
managed account and wherein requesting consent to the version of the policy currently 
in use comprises requesting consent from a manager of the account. 
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30. The method of claim 23, further comprising maintaining a user profile 
associated with the user and storing the consent state in user profile. 

31 . The method of claim 23, further comprising storing content of a change to 
the policy corresponding to the consent state relative to the version of the policy 
currently in use for the network server. 

32. The method of claim 23, further comprising maintaining a notification store 
containing information representative of one or more of the following: a grace period for 
granting consent to the change to the policy; content of a change to the policy relative to 
a later version of the policy; and a current version number of the policy. 

33. The method of claim 23, further comprising managing use of the selected 
information as a function of whether the user has a relationship with another service. 

34. The method of claim 23, further comprising storing, in a central database, 
a user profile containing the information associated with the user, said central database 
being associated with a central server coupled to the data communication network. 

35. The method of claim 34 wherein the central server is an authentication 
server of a multi-site user authentication system and the network servers are affiliated 
with the authentication server, said authentication server receiving requests to 
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authenticate the user when the user requests the web service to be provided by one or 
more of the affiliated network servers. 

36. The method of claim 23, wherein the network servers are web servers and 
the data communication network is the Internet. 

37. One or more computer-readable media have computer-executable 
instructions for performing the method of claim 23. 

38. An authentication system comprising: 

an authentication server coupled to a data communication network; 

an authentication database associated with the authentication server, said 
authentication database storing authentication information for comparison to login 
information provided by a user for authenticating the user, said authentication database 
further storing user-specific information identifying the user with respect to one or more 
services provided by at least one affiliate server coupled to the data communication 
network, said affiliate server providing the one or more services to the user via a client 
coupled to the data communication network and requesting to use selected information 
associated with the user according to a predefined policy; 

said authentication server being configured to identify which version of the 
policy is currently in use for the affiliate server and to provide a user interface for 
notifying the user when the version of the policy currently in use is different from a policy 
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under which the user previously granted permission for the affiliate server to use the 
selected information. 

39. The system of claim 38, further comprising a notification store containing 
information representative of one or more of the following: a grace period for the user to 
consent to the change to the policy; content of a change to the policy relative to a later 
version of the policy; and a current version number of the policy. 

40. The system of claim 38, wherein the user interface provided by the 
authentication server further displays a user-selectable option for requesting consent 
from the user for the version of the policy currently in use for the affiliate server. 

41 . The system of claim 38, wherein the affiliate server is a web server and 
the data communication network is the Internet. 

42. One or more computer-readable media having computer-executable 
components for managing consent between a client and at least one network server, 
said client and said network server being coupled to a data communication network, 
said network server providing one or more services to a user via the client and 
requesting to use selected information associated with the user according to a 
predefined policy, said computer-readable media comprising: 

an authentication component for authenticating the user and for identifying 
which version of the policy is currently in use for the network server; 
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a profiling component for determining whether the user previously granted 
permission for the network server to use the selected information and for retrieving a 
consent state associated with the user, said consent state directly corresponding to a 
version of the policy for which the user has previously granted permission for the 
network server to use the selected information; and 

a re-consent component for notifying the user of one or more differences 
between the version of the policy currently in use for the network server and the version 
of the policy associated with the consent state and for requesting consent to the 
differences from the user. 

43. The computer-readable media of claim 42, further comprising a user 
profile store containing information associated with the user and wherein the central 
server is responsive to the profiling component for retrieving the consent state 
associated with the user from the user profile store. 

44. The computer-readable media of claim 42, wherein the re-consent 
component comprises an interface component for providing a user interface to the user 
via the client. 

45. The computer-readable media of claim 42, further comprising a notification 
store containing information representative of one or more of the following: a grace 
period for the user to consent to the change to the policy; content of the change to the 
policy relative to a version of the policy; and a current version number of the policy. 



